CVE-2019-20528

CVE-2019-20528

Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp username parameter.

Source: CVE-2019-20528